exports.__esModule = true;

function _asyncToGenerator(fn) { return function () { var gen = fn.apply(this, arguments); return new Promise(function (resolve, reject) { function step(key, arg) { try { var info = gen[key](arg); var value = info.value; } catch (error) { reject(error); return; } if (info.done) { resolve(value); } else { return Promise.resolve(value).then(function (value) { step("next", value); }, function (err) { step("throw", err); }); } } return step("next"); }); }; }

/**
 * 角色功能权限访问验证
 * @param options
 * @param app
 * @returns {function(*, *)}
 */
exports.default = (options, app) => {
  return (() => {
    var _ref = _asyncToGenerator(function* (ctx, next) {
      const url = ctx.url;
      const excludeRouter = options.excludeRouter;
      for (const value of excludeRouter) {
        if (url.indexOf(value) >= 0) {
          return next();
        }
      }
      const user = ctx.state.userInfo;
      const userId = user.userId;
      // 如果是管理员，则直接跳过验证
      if (userId === '000000') {
        return next();
      } else {
        const list = user.roleAuth;
        const url = ctx.url;
        for (const value of list) {
          if (value === url) {
            return next();
            break;
          }
        }
        return ctx.throw('No permission to access', 403);
      }
    });

    return function (_x, _x2) {
      return _ref.apply(this, arguments);
    };
  })();
};